SESSION Day 2 Keynote: Oversupplied: The Solar Winds attack

Active for at least 10 months prior to discovery, compromising up to 18,000 computers during that time, including Government, security vendor and technology companies, the Solarwinds attack brought supply chain compromises to mainstream attention. Such attacks are not new however, with several notable attacks in recent years, and numerous similar attacks having been performed against South Korea over the last 10 years.

During this talk I'll cover some of this supply chain attack history, as well as go into detail on the Solarwinds attack, including the timeline, what tools were deployed, and how they were used.

Keynote Speaker: Gavin O'Gorman

Currently managing the Attack Investigations Team (AIT), Gavin has been a reverse engineer, incident response manager and intelligence analyst during his 11 year career in Symantec. Gavin's primary role is to gather together information from both Symantec data sources, and open sources, to build a comprehensive picture of an attack, or attackers. Another aspect of the job is to work with law enforcement to assist in the investigation of e-crime where possible. Prior to working in Symantec, Gavin spent several years researching network security in Dublin City University, and lectured part-time for the DCU Masters in Security & Forensics course.

Network and Distributed System Security (NDSS) Symposium 2021, 21 – 25 February 2021

NDSS Symposium 2021 Program

ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
https://www.ndss-symposium.org/

#NDSS #NDSS21 #NDSS2021 #InternetSecurity

source by NDSS Symposium

simple network management protocol